Securing data, such as digitized voice, digitized video, computer data (e.g., e-mail, files, programs), etc., for transmission may be done in a variety of ways. For example, the data may be encrypted using an encryption algorithm, such as the Data Encryption Standard (DES), with a symmetric key. Once the data is encrypted, it is provided to a receiving party, or parties, where each receiving party uses its own copy of the symmetric key to decrypt the encrypted message. The sending and receiving parties may discard the symmetric key after one transmission or use it for a plurality of transmissions. Data secured and transmitted in this manner provides reliable security as long as the symmetric key is known only by the sending and receiving parties. As such, a critical issue with symmetric key encryption is providing the symmetric key to all parties without compromising its security. Note that the security of a symmetric key is compromised when an unauthorized party has obtained it.
Another encryption process utilizes public/private key pairs that includes, for each party, a private decryption key and a public encryption key. The set of key pairs for a user, or security credentials, may further include a private signature key and a public signature verification key. The public encryption key and the public signature verification key are publicly available, such that a sending party may obtain the public encryption key for each targeted recipient. As in the previous example, the message is encrypted using an algorithm such as DES and a symmetric key. The public encryption keys for all of the desired recipients are then obtained.
The symmetric key is then "wrapped" for each recipient. To wrap a symmetric key, it is encrypted using the public key of a recipient. This process is repeated for each recipient, and the resulting wrapped keys are placed in the security header. The receiving party locates his copy of the wrapped key by the key identifier in the header. The recipient can then decrypt the symmetric key using his private key. In this way, multiple recipients can each locate their wrapped copy of the symmetric key, unwrap the key, and then use the symmetric key to decrypt the message. This scheme allows the symmetric key to be distributed along with the secured data, accessible only to recipients selected by the sender. To further enhance the security of the transmission, the sending party may digitally sign the message using its private signature key.
To facilitate the transmission of a secure message to a plurality of recipients, the sending party may access a recipient list, which includes the identity of each member of a particular group. For example, in a company, a recipient list may include members of an accounting department, another list for finance, another list for engineering, etc. As such, when a sending party wishes to transmit a secure message to the members of a group, it accesses the appropriate recipient list to identify each of the targeted recipients. Client software (i.e., the encryption software incorporated into the computer operated by the user), interprets the recipient list, obtains the encryption keys for each of the recipients (typically from a directory) and individually encrypts the message for each.
If the recipient list is relatively small (e.g., approximately 10 or less), the overhead processing of individually encrypting symmetric keys for the members identified in the recipient list is not significant. As the number of recipients increases, however, the processing by the client software as well as the amount of data generated increases proportionately. For example, since the average electronic mail message is quite short, the processing overhead of creating the wrapped keys for each recipient grows with the size of the recipient list. Also, the size of the secured message header (containing a wrapped key for each recipient) grows to the point where the security header may exceed the size of the message itself by a very large degree.
Therefore a need exists for a method that minimizes data and processing overhead when providing secured group communications.